package com.l024.user.shiro;

import com.l024.common.utils.LogUtils;
import com.l024.config.config.utils.JwtUtil;
import com.l024.model.system.MeetPermissions;
import com.l024.model.system.MeetRole;
import com.l024.model.user.MeetUser;
import com.l024.user.service.MeetUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import java.util.Set;

/**
 * 权限配置类
 */
public class CustomRealm extends AuthorizingRealm {
    @Autowired
    private MeetUserService meetUserService;

    /*
     * 多重写一个support
     * 标识这个Realm是专门用来验证JwtToken
     * 不负责验证其他的token（UsernamePasswordToken）
     * */
    @Override
    public boolean supports(AuthenticationToken token) {
        //这个token就是从过滤器中传入的jwtToken
        return token instanceof JwtToken;
    }

    /**
     * 权限分配
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //获取登录用户名
        MeetUser mUser = (MeetUser) principalCollection.getPrimaryPrincipal();
        LogUtils.logInfo("登录的用户名:"+mUser.getUPhone());
        //查询用户名称
        MeetUser meetUser = meetUserService.getUserAndRoleAndPermissions(new MeetUser().setUPhone(mUser.getUPhone()));
        //添加角色和权限
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        if(meetUser!=null){
            MeetRole meetRole = meetUser.getMeetRole();
            if(meetRole!=null){
                simpleAuthorizationInfo.addRole(meetRole.getRName());
                //添加权限
                Set<MeetPermissions> permissions = meetRole.getPermissions();
                if(permissions!=null){
                    for(MeetPermissions p:permissions){
                        simpleAuthorizationInfo.addStringPermission(p.getPName());
                    }
                }
            }
        }
        return simpleAuthorizationInfo;
    }

    /**
     * 进行用户认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        LogUtils.logInfo("进行用户认证");
        //获取用户姓名
        String userName = (String) authenticationToken.getCredentials();

        //判断
//        JwtUtil jwtUtil = new JwtUtil();
//        if (!jwtUtil.isVerify(jwt)) {
//            System.out.println("过期");
//            throw new UnknownAccountException();
//        }

        //获取用户信息
        //下面是验证这个user是否是真实存在的
//        String name = (String) jwtUtil.decode(jwt).get("username");//判断数据库中username是否存在
//        String name = authenticationToken.getPrincipal().toString();
        LogUtils.logInfo("jwtToken ===name:"+userName);
        MeetUser meetUser = meetUserService.getUserAndRoleAndPermissions(new MeetUser().setUPhone(userName));

        if(meetUser==null){
            return null;
        }else{
            //这里验证authenticationToken和simpleAuthenticationInfo的信息
            SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(meetUser,meetUser.getUPassword(),meetUser.getUPhone());

            return simpleAuthenticationInfo;
        }
    }
}

